Cisco Support Community
New Member

IDS Log analysis

I have many log.YYMMDD files on my FTP server, and I want to use Private-I to analyze them. What tool can combine these many log.YYMMDD files into one file?

Thanks for your help

Cisco Employee

Re: IDS Log analysis

I am not familiar with how the Private-I tool operates; you may want to refer to their documentation about what it expects as input. Meanwhile, you ought to be able to 'cat log.* > ids.log' in the directory with the logs (on a Unix host) or 'FOR %f IN (log.*) DO type %f >> ids.log' from the command prompt on a Windows host to combine all the files into one file.

New Member

Re: IDS Log analysis

Thanks for your response, but I want to know what tool can be used to analyze these log files.

Cisco Employee

Re: IDS Log analysis

Use the Cisco IDS management application (CSPM) to receive/view alarms and create reports. CSPM communicates directly with the Sensors so that events are received in "real-time", avoiding the delay created by ftping the files periodically. Cisco does not have a separate tool which pulls in log files and analyzes them. Some of our partners, which are consumers of our alarm data, may have such a tool, but most of them take a direct feed like CSPM.
